Using Zrok latest version get this:
zrok invite --token (use token) (base)
[WARNING]: unable to open zrokdir metadata; ignoring
there was a problem creating an invitation!
you are trying to use the zrok service at: https://api.zrok.io
should you be using a --token? check with your instance administrator!
you can change your zrok service endpoint using this command:
$ zrok config set apiEndpoint
(where newEndpoint is something like: https://some.zrok.io)
[ERROR]: error creating zrok api client (error getting version from api endpoint âhttps://api.zrok.ioâ: Get âhttps://api.zrok.io/api/v1/versionâ: net/http: TLS handshake timeout: Get âhttps://api.zrok.io/api/v1/versionâ: net/http: TLS handshake timeout)
Hi @krionical, thanks for trying out zrok and welcome to the community.
Iâm a bit confused as to the actual problem. Have you already emailed and asked for a beta token and are trying to connect via linux mint? Thatâs what I assume? Youâre not trying to invite yourself, right? You have gotten a token emailed back to you?
I donât know of any reason why Mint would be âspecialâ. The TLS handshake timeout is definitely strange and unexpected. You shouldnât need to set the apiEndpoint for zrok.ioâŚ
Can you just clarify what the problem is?
Yeah sure. So I emailed and received a token because I kept getting the handshake error. Then I tried to register with the token and got a timeout for the handshake just as I did when I tried to request. I am guessing the TLS handshake is the real culprit, since I had trouble with it at both steps, but mentioned the distro since usually git bug reports want to know the distro. (Force of habit)
Can you access https://api.zrok.io in a browser? Does it show up as a valid site or does it tell you that itâs ânot trustedâ? You SHOULD see a valid certificate from AWS with this chain:
Itâs possible Mint doesnât have this CA in the operating systemâs trust store.
Could you run this command and provide the output:
openssl s_client -connect api.zrok.io:443
example (and expected) output, only the last few lines shown:
Start Time: 1676342701
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Start Time: 1676342809
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Yep. That's fine.
Edit to include: The site is locked in the browser which means trusted and fine.
Well this is ⌠unexpected⌠Iâll have to have a think over what this might be and figure out how to diagnose what is going wrong. Nothing comes immediately to mind⌠You donât have any other VPN active I presume, right? nothing âperson-in-the-middlingâ the connection?
Nope. No VPN is currently on or anything else I can think of that would âperson in the middleâ the connection.
can you run the command with --panic and --verbose and provide the output (with your token removed) please?
zrok invite --token --panic --verbose (base)
[WARNING]: unable to open zrokdir metadata; ignoring
enter and confirm your email address...
email
email
[Submit]
there was a problem creating an invitation!
you are trying to use the zrok service at: https://api.zrok.io
should you be using a --token? check with your instance administrator!
you can change your zrok service endpoint using this command:
$ zrok config set apiEndpoint
(where newEndpoint is something like: https://some.zrok.io)
[ERROR]: error creating invitation ([POST /invite][401] inviteUnauthorized)
This was my original problem where I emailed in to get a token...
Well, mysteriously, the email came through anyway, and I was able to complete the process so mark the mystery solved I guess! Thanks for the help. Maybe it just needed threatening.
Woah. Interesting. Seems almost transient. Iâm glad itâs working but clearly you hit some kind of odd error there⌠Thanks for sticking with it!
1 Like
Zrok was version upgraded between problems and someone else reported my original issue so it might have been âstuck in limboâ for some reason I canât completely identify but even though the post says failed the email came through so its a mixed bag but the outcome is âsuccessâ.
1 Like
Ah. Thatâs also good information. Thanks for that
1 Like